Skip to content

Commit b41fefe

Browse files
cardoecardoe
authored
Merge pull request #1152 from rackerlabs/argo-workflows-update
chore: refactor argo workflows and argo events installation
2 parents 47c206d + 61ab60c commit b41fefe

15 files changed

+321
-345
lines changed

components/argo-events/argo-role.yaml

Lines changed: 0 additions & 148 deletions
This file was deleted.

components/argo-events/argo-server-rb.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
apiVersion: apps/v1
2+
kind: RoleBinding
3+
metadata:
4+
name: argo-server-binding
5+
subjects:
6+
- kind: ServiceAccount
7+
name: argo-server
8+
namespace: argo

components/argo-events/argo-server-role.yaml

Lines changed: 0 additions & 88 deletions
This file was deleted.

components/argo-events/controller-rb.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
apiVersion: apps/v1
2+
kind: RoleBinding
3+
metadata:
4+
name: argo-binding
5+
subjects:
6+
- kind: ServiceAccount
7+
name: argo
8+
namespace: argo

components/argo-events/default-role.yaml

Lines changed: 0 additions & 25 deletions
This file was deleted.

components/argo-events/kustomization.yaml

Lines changed: 14 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,19 +7,26 @@ resources:
77
- https://github.com/argoproj/argo-events/releases/download/v1.9.7/install.yaml
88
- https://github.com/argoproj/argo-events/releases/download/v1.9.7/install-validating-webhook.yaml
99

10-
## configure rbac to integrate with argo-workflow
11-
# - default-role.yaml
12-
- argo-server-role.yaml
13-
- argo-role.yaml
10+
# grant the argo-workflows the ability to run workflows in this namespace
11+
- https://github.com/argoproj/argo-workflows/manifests/namespace-install/argo-server-rbac?ref=v3.5.10
12+
- https://github.com/argoproj/argo-workflows/manifests/namespace-install/workflow-controller-rbac?ref=v3.5.10
1413

1514
## configure webhook Sensor and associated role
1615
- sensor-workflow-role.yaml
1716
- workflow-role.yaml
1817

1918
- configmaps.yaml
2019

21-
## allow neutron's service account to submit workflows
22-
- svc-neutron.yaml
23-
2420
## copy openstack/cinder-netapp-config to argo-events/netapp-config
2521
- secret-netapp.yaml
22+
23+
patches:
24+
- target:
25+
kind: RoleBinding
26+
name: argo-binding
27+
path: controller-rb.yaml
28+
29+
- target:
30+
kind: RoleBinding
31+
name: argo-server-binding
32+
path: argo-server-rb.yaml

components/argo-events/svc-neutron.yaml

Lines changed: 0 additions & 36 deletions
This file was deleted.

components/argo/argo-server-deployment.yaml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
apiVersion: apps/v1
2+
kind: Deployment
3+
metadata:
4+
name: argo-server
5+
spec:
6+
template:
7+
spec:
8+
containers:
9+
- name: argo-server
10+
args:
11+
- server
12+
# allow SSO, which currently has all clients use the server's ServiceAccount
13+
- --auth-mode=sso
14+
# all other auth via Kubernetes bearer tokens
15+
- --auth-mode=client
16+
# running in namespaced mode and not cluster wide
17+
- --namespaced
18+
# configures the namespace where workflows actually run
19+
- --managed-namespace
20+
- argo-events

0 commit comments

Comments
 (0)